Follow us on RSS or Twitter for the latest updates.

March 2, 2011

Password Cracking with Rainbowcrack and Rainbow Tables


What is RainbowCrack & Rainbow Tables?

RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique.

In 1980 Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using precalculated data stored in memory. This technique was improved by Rivest before 1982 with the introduction of distinguished points which drastically reduces the number of memory lookups during cryptanalysis. This improved technique has been studied extensively but no new optimisations have been published ever since.

You can find the official Rainbowcrack project here, where you can download the latest version of Rainbowcrack.

In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called “rainbow table”.

Basically these types of password crackers are working with pre-calculated hashes of ALL passwords available within a certain character space, be that a-z or a-zA-z or a-zA-Z0-9 etc.

These files are called Rainbow Tables.

You are trading speed for memory and disk space, the Rainbow Tables can be VERY large.

Be warned though, Rainbow tables can be defeated by salted hashes, if the hashes are not salted however and you have the correct table, a complex password can be cracked in a few minutes rather than a few weeks or months with traditional brute forcing techniques.

So where do I get these Rainbow Tables?

You can generate them yourself with RainbowCrack, this will take a long time, and a lot of diskspace.

Project Shmoo is offering downloads of popular Rainbow Tables via BitTorrent.

http://rainbowtables.shmoo.com/

If you wanted to, you could even buy the tables from http://www.rainbowtables.net/.

Or these guys, not free but cheap http://www.rainbowcrack-online.com/

Some free tables here http://wired.s6n.com/files/jathias/index.html

What software is available for use with Rainbow Tables?

There is of course the original RainbowCrack as mentioned above.

Then there is:

Ophcrack

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance.

Cain and Abel (newly added support for Rainbow Tables)

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

Cain and Abel is personally my favourite fully featured password whacking tool, it also has a good packet sniffer, which grabs and decodes passwords and many methods for password cracking. The interface is decent too. I’ll write more on how to get the most out of Cain later.

L0phtcrack or LC5

LC5 is the latest version of L0phtCrack, the award-winning password auditing and recovery application used by thousands of companies worldwide.

Please note this is a COMMERCIAL product.

LCP

Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003

Thankfully there is a freeware alternative to LC5 in the form of LCP.

http://www.rainbowcrack.com/
http://sarcaprj.wayreth.eu.org/
http://passcracking.com/
http://www.md5lookup.com/
http://www.plain-text.info/
http://ap0x.headcoders.net/xHashBrutter.rar
http://www.loginrecovery.com/

4 Responses to “Password Cracking with Rainbowcrack and Rainbow Tables”

Anonymous said...
April 5, 2011 at 5:42 PM

Top quality article!


Pete Norswash said...
April 5, 2011 at 5:46 PM

Yeah, Cain&Abel is an AWESOME tool.. I’ve used it alot for a couple of security audits i’ve done in the last few years, and I was never disapointed by it..


Klery Martls said...
April 5, 2011 at 5:59 PM

I was wondering does this crack e-mail password too o_O, it seems dangerous


dfgdfg said...
April 5, 2011 at 6:09 PM

@-> Klery Martls: It depends how you have the password, this method is used for cracking ‘Hashed’ passwords in a short time, rather than brute forcing them for weeks. You need to use different techniques for e-mail passwords. In the case of e-mail passwords you are brute forcing the actual authentication mechanism, not the hash. You need to look at something like THC-Hydra. I’ll talk about that at another date


Post a Comment